Cross side scripting safeguard mechanism in SharePoint 2010 – start preparation today…
Since the Beta of SharePoint 2010 is NOT going to be made available to the delegates at the SharePoint Conference in Vegas this week, it will be a few weeks before people will actually (besides the few that have already gotten an early build / virtual machine) get a chance to play around with SharePoint 2010.
So just so that you dont forget, here’s a little reminder on a new protection mechanism in 2010 that may break some of the webparts that you would expect to move right over to the next version.
Moving forward, webparts developers will have to design webparts in a way that do not have the need for users with Contributor priveledges to set custom webparts properties. The system simple does not allow controbutors to sedit these properties anymore. To edit custom webpart properties you need to have at least Designer rights. This may be a hard thing to remember, as the comtributor role normally have rights to set properties on webparts, but as from now on… not the custom ones…
The catch with this is, that this new cross side scripting safeguard will work on ALL webparts in your site. This also counts for the webparts that you have already built. So already today, you can – and you should – start to prepare for 2010 by running through all your webparts to identify where this will break your webparts.
I am planning to post more info on this later.